Solarwinds: >> Log And Event Manager >> 6.2.1 Security Vulnerabilities
SolarWinds LEM (aka SIEM) before 6.3.1 has an incorrect sudo configuration, which allows local users to obtain root access by editing /usr/local/contego/scripts/hostname.sh.
CVSS Score
8.8
EPSS Score
0.001
Published
2017-03-24
The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allows remote authenticated users to execute arbitrary code by editing /usr/local/contego/scripts/mgrconfig.pl.
CVSS Score
8.8
EPSS Score
0.03
Published
2017-03-24
SolarWinds Log and Event Manager (LEM) allows remote attackers to execute arbitrary commands on managed computers via a request to services/messagebroker/nonsecurestreamingamf involving the traceroute functionality.
CVSS Score
7.5
EPSS Score
0.064
Published
2015-10-15